SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3462 / 3463)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings
the kernel to 2.6.32.24 and fixes some critical security bugs and
other non-security bugs.

Following security bugs were fixed :

- A iovec integer overflow in RDS sockets was fixed which
could lead to local attackers gaining kernel privileges.
(CVE-2010-3865)

- A local privilege escalation in RDS sockets allowed
local attackers to gain privileges. Please note that the
net/rds socket protocol module only lives in the.
(CVE-2010-3904)

-extra kernel package, which is not installed by default
on the SUSE Linux Enterprise Server 11.

- A problem in the compat ioctl handling in video4linux
allowed local attackers with a video device plugged in
to gain privileges on x86_64 systems. (CVE-2010-2963)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=564324
https://bugzilla.novell.com/show_bug.cgi?id=573330
https://bugzilla.novell.com/show_bug.cgi?id=603738
https://bugzilla.novell.com/show_bug.cgi?id=609196
https://bugzilla.novell.com/show_bug.cgi?id=612729
https://bugzilla.novell.com/show_bug.cgi?id=623307
https://bugzilla.novell.com/show_bug.cgi?id=624850
https://bugzilla.novell.com/show_bug.cgi?id=629901
https://bugzilla.novell.com/show_bug.cgi?id=629908
https://bugzilla.novell.com/show_bug.cgi?id=638860
https://bugzilla.novell.com/show_bug.cgi?id=639261
https://bugzilla.novell.com/show_bug.cgi?id=640278
https://bugzilla.novell.com/show_bug.cgi?id=643249
https://bugzilla.novell.com/show_bug.cgi?id=644219
https://bugzilla.novell.com/show_bug.cgi?id=644350
https://bugzilla.novell.com/show_bug.cgi?id=644373
https://bugzilla.novell.com/show_bug.cgi?id=646045
https://bugzilla.novell.com/show_bug.cgi?id=647392
https://bugzilla.novell.com/show_bug.cgi?id=647497
https://bugzilla.novell.com/show_bug.cgi?id=647775
https://bugzilla.novell.com/show_bug.cgi?id=648308
https://bugzilla.novell.com/show_bug.cgi?id=649231
https://bugzilla.novell.com/show_bug.cgi?id=649257
https://bugzilla.novell.com/show_bug.cgi?id=649820
https://bugzilla.novell.com/show_bug.cgi?id=650109
https://bugzilla.novell.com/show_bug.cgi?id=650111
https://bugzilla.novell.com/show_bug.cgi?id=650113
https://bugzilla.novell.com/show_bug.cgi?id=650116
https://bugzilla.novell.com/show_bug.cgi?id=650128
http://support.novell.com/security/cve/CVE-2010-2963.html
http://support.novell.com/security/cve/CVE-2010-3865.html
http://support.novell.com/security/cve/CVE-2010-3904.html

Solution :

Apply SAT patch number 3462 / 3463 as appropriate.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 51615 ()

Bugtraq ID:

CVE ID: CVE-2010-2963
CVE-2010-3865
CVE-2010-3904

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now